fixup! fix(@angular/ssr): validate host headers to prevent header-based SSRF

Author: alan-agius4

packages/angular/ssr/src/utils/headers.ts

@@ -21,6 +21,11 @@ const VALID_PROTO_REGEX = /^https?$/i;
  */
 const WWW_HOST_REGEX = /^www\./i;
 
+/**
+ * Regular expression to match path separators.
+ */
+const PATH_SEPARATOR_REGEX = /[/\\]/;
+
 /**
  * Set of hostnames that are always allowed.
  */
@@ -98,7 +103,7 @@ function validateHost(
   }
 
   // Reject any hostname containing path separators - they're invalid.
-  if (value.includes('/')) {
+  if (PATH_SEPARATOR_REGEX.test(value)) {
     throw new Error(`Header "${headerName}" contains path separators which is not allowed.`);
   }